PayloadsAllTheThings

mirror of https://github.com/swisskyrepo/PayloadsAllTheThings synced 2024-06-30 19:02:55 +00:00

Author	SHA1	Message	Date
Darktortue	8caba394d5	Added zerologon authentication relay technique	2023-01-10 11:23:45 +01:00
Swissky	b27ba26af9	Merge pull request #609 from m3dsec/patch-1 Update bloodyAD.py when enabling DONT_REQ_PREAUTH for ASREPRoast attack.	2023-01-10 11:06:07 +01:00
Jérémy LARDENOIS	3a97ad3f41	fix: remove docker metasploit installation	2023-01-10 08:51:28 +01:00
Swissky	d4742a9688	SOCKS Compatibility Table + CORS	2023-01-05 01:50:11 +01:00
m3dsec	834c6bca20	Update bloodyAD.py when enabling DONT_REQ_PREAUTH for ASREPRoast attack.	2023-01-01 14:24:57 +01:00
Swissky	5190829ab4	RustHound Examples	2022-12-30 11:01:31 +01:00
hackprogrammatic	749420fdd2	Update Cloud - AWS Pentest.md spelling errors, update allows users to easily copy/paste	2022-12-07 22:47:41 -06:00
Swissky	d67ec2469c	SCCM Shares	2022-12-04 11:38:19 +01:00
Swissky	cbb2137f3b	ESC11 - Relay NTLM to ICPR	2022-11-21 10:48:27 +01:00
Swissky	2ed3c03e78	Kubernetes Pentest	2022-11-18 13:00:11 +01:00
Swissky	5966c3a21b	NTDS Reversible Encryption	2022-11-11 14:52:56 +01:00
CravateRouge	95e989f5a1	Add application endpoint enumeration	2022-11-07 11:47:47 +01:00
Swissky	e5ea12a3ca	Active Directory Federation Services	2022-11-07 10:10:33 +01:00
Swissky	3e9ef2efbe	ADFS Golden SAML	2022-11-07 10:10:21 +01:00
Swissky	0212830fb4	Merge pull request #599 from CravateRouge/patch-5 Fix broken link not compatible with MkDocs	2022-11-06 12:34:56 +01:00
CravateRouge	c14392731c	Fix broken link not compatible with MkDocs	2022-11-06 12:12:36 +01:00
CravateRouge	e5a18a72c2	findstr ignore error and print results in file	2022-11-06 11:58:00 +01:00
Swissky	c17ae602fc	Merge pull request #596 from CravateRouge/patch-2 Add AzureHound examples	2022-11-04 16:42:49 +01:00
CravateRouge	18c656f756	Add AzureHound examples	2022-11-04 15:09:39 +01:00
CravateRouge	598751f7c6	Redirect duplicate	2022-11-04 14:43:20 +01:00
CravateRouge	a287736a3a	Add Snaffpoint usage example	2022-11-04 14:15:08 +01:00
Swissky	e556e9ad40	Merge pull request #589 from jaxBCD/patch-2 Update Subdomain enumeration	2022-11-03 21:34:48 +01:00
Swissky	3dd7f46717	Update Subdomains Enumeration.md	2022-11-03 21:34:34 +01:00
Swissky	2227472e1c	.NET formatters and POP gadgets	2022-11-03 21:31:50 +01:00
Marcus T	11fbceca31	Add git persistence techniques Adds information about backdooring git configs and git hooks.	2022-10-29 19:37:32 -07:00
Marcus T	501975a330	Add timestomping to Linux evasion techniques	2022-10-26 15:40:03 -04:00
jaxBCD	d999f798d7	Update Subdomain enumeration	2022-10-25 15:44:37 +07:00
Fabian S. Varon Valencia	3adbd70b01	remove not found links	2022-10-24 12:29:59 -05:00
Fabian S. Varon Valencia	b00ba7f38d	replace currento 404 link with 200 time Machine web snapshot	2022-10-24 12:29:32 -05:00
Fabian S. Varon Valencia	9128b183d3	update link URL	2022-10-24 12:28:31 -05:00
Swissky	fe41254fde	XXS Public Example + PHP Filter RCE	2022-10-24 12:05:39 +02:00
Swissky	35ff178624	Merge pull request #587 from abhishekchak52/typo-grammar-fix Typo and grammar fix	2022-10-23 11:20:30 +02:00
Abhishek Chakraborty	37da322136	Typo and grammar fix	2022-10-22 17:47:10 -07:00
nzdjb	c5146f5dc8	feat: Explain ec2:AssociateIamInstanceProfile Add explanation for ec2:AssociateIamInstanceProfile. Also, fix a typo.	2022-10-23 09:24:08 +13:00
7RU7H	22fe4d16e2	Update Windows -Privilege Escalation - Typo Fix # Line 304 - Typo: `...\CurentControlSet\..` -> `...\CurrentControlSet\..`	2022-10-22 14:27:01 +01:00
Swissky	8df30de938	Remove deadlink	2022-10-21 12:16:32 +02:00
Swissky	2fc3eed8a5	Insecure Randomness	2022-10-17 11:07:33 +02:00
Swissky	8df0f565f3	Sapphire and Diamond Tickets	2022-10-16 20:46:05 +02:00
Swissky	b7043cfedd	Bug Hunting Methodology Update	2022-10-16 00:27:47 +02:00
llamasoft	78ff651643	Add Linux evasion to its own article Linux evasion techniques were previously included as part of persistence, but the number of techniques are varied enough where it likely should be its own article.	2022-10-14 17:30:25 -04:00
Swissky	6479c3a400	Merge pull request #574 from sebch-/patch-5 Update Active Directory Attack.md	2022-10-12 21:43:44 +02:00
Seb	b809e104e6	Update Active Directory Attack.md	2022-10-12 21:24:47 +02:00
Seb	f18d4991ff	Update Active Directory Attack.md	2022-10-12 19:47:40 +02:00
Seb	5480c40098	Update Hash Cracking.md	2022-10-12 19:29:15 +02:00
Seb	ad5bbd49f1	Update Hash Cracking.md	2022-10-12 18:06:22 +02:00
Swissky	f7a74feaf7	Azure Tools Update	2022-10-12 18:03:49 +02:00
pop3ret	0530c19c88	Update Cloud - AWS Pentest.md	2022-10-09 16:03:33 -03:00
pop3ret	4b4a630085	Changed summary and chapters Changed summary to include the cheatsheet and also changed the format of the cheatsheet to be the same as the original file	2022-10-09 16:01:14 -03:00
Swissky	522b55eec5	Update Cloud - AWS Pentest.md	2022-10-07 10:50:59 +02:00
pop3ret	00189411d4	Merge AWSome Pentesting into Cloud - AWS Pentest Merge the notes with the existing one	2022-10-06 13:43:09 -03:00
Alexander Lübeck	576322d475	Fixed invalid hyperlink	2022-10-02 15:58:16 +02:00
Swissky	99a1304af9	Methodology and enumeration rework	2022-10-02 13:13:16 +02:00
Swissky	4ed3e3b6b9	Blind SSTI Jinja	2022-10-02 12:24:39 +02:00
Swissky	72a8556dc9	NodeJS Serialization	2022-09-23 11:21:29 +02:00
Swissky	2d30e22121	DPAPI - Data Protection API	2022-09-23 00:35:34 +02:00
Processus Thief	8d564ff78b	update hekatomb to install with pip hekatomb is now available on pypi to simplify its installation	2022-09-22 16:10:20 +02:00
Processus Thief	885f8bdb8f	Adding Hekatomb.py to DPAPI credentials stealing Hekatomb is a python script that connects to LDAP directory to retrieve all computers and users informations. Then it will download all DPAPI blob of all users from all computers. Finally, it will extract domain controller private key through RPC uses it to decrypt all credentials. More infos here : https://github.com/Processus-Thief/HEKATOMB	2022-09-20 16:56:07 +02:00
Swissky	b6e7210ee0	Merge pull request #501 from fantesykikachu/win-p3-revshell Add Windows Python3 Reverse Shell	2022-09-06 23:23:50 +02:00
CravateRouge	dad7362da6	Update bloodyAD attacks	2022-09-06 19:13:34 +02:00
Swissky	191a72c57e	Merge branch 'master' of https://github.com/swisskyrepo/PayloadsAllTheThings	2022-09-06 10:05:16 +02:00
Swissky	2be739ea4f	Fixing TGS/ST	2022-09-06 10:03:49 +02:00
Swissky	bdc2d55dd9	Merge pull request #533 from 0xsyr0/patch-1 Quick fix for WSUS malicious patch	2022-09-04 20:54:17 +02:00
Swissky	9e2471a472	SCCM Network Account	2022-09-04 20:51:23 +02:00
Swissky	fae02107df	Jetty RCE Credits	2022-09-04 14:24:16 +02:00
Swissky	811863501b	ESC9 - No Security Extension	2022-09-03 12:07:24 +02:00
0xsry0	343d63f79f	Quick fix for WSUS malicious patch Not sure if it is deprecated but by tackling the box Outdated on HTB, the command didn't worked with two `&&`. To concatenate `"net user WSUSDemo Password123! /add ` and `net localgroup administrators WSUSDemo /add\""`, the `^&` is required.	2022-08-24 09:10:55 +02:00
Swissky	fbd7517e04	LFI2RCE - Picture Compression - SOCKS5 CS	2022-08-21 16:38:54 +02:00
Swissky	804920be62	Source Code Management	2022-08-18 10:43:01 +02:00
Swissky	6650c361e7	Capture a network trace with builtin tools	2022-08-15 15:02:29 +02:00
Adham Elmosalamy	1b2471265a	Typo fix	2022-08-08 16:08:55 +04:00
Swissky	7fe0a0475e	Docker Escape cgroup	2022-08-05 12:26:31 +02:00
Swissky	835d6fffe0	Shadow Credentials	2022-08-05 12:00:41 +02:00
Swissky	52e255cb75	Merge pull request #520 from sebch-/patch-1 Update Active Directory Attack.md	2022-08-03 19:20:11 +02:00
Spidycodes	bb6c9ed172	typo	2022-08-02 21:48:07 +00:00
Seb	310338b279	Update Active Directory Attack.md Find AD	2022-08-02 15:09:23 +02:00
Swissky	e386a110d9	Find DC	2022-07-27 17:23:30 +02:00
Swissky	fc8fadbb0c	PR Guidelines + User Hunting + HopLa Configuration	2022-06-30 16:33:35 +02:00
fantesykikachu	f6c455d8f9	Windows Python3 Reverse Shell	2022-06-28 06:54:06 +00:00
Marwan Nour	36e417f129	Added DirtyPipe to kernel exploits Fixed some links in the table of contents	2022-06-23 16:55:58 +02:00
Sh0ckFR	a4e43fb24c	Added Thread Stack Spoofer description	2022-06-22 12:11:49 +02:00
Sh0ckFR	4b07c91e7b	Added Sleep Mask Kit Link	2022-06-21 15:52:30 +02:00
Alexandre ZANNI	b831175f99	add english version of the article	2022-06-20 20:31:11 +02:00
Swissky	ad336b4d55	Privileged Access Management (PAM) Trust	2022-06-09 11:30:43 +02:00
Swissky	881c354b34	Pre-Created Computer Account	2022-06-08 12:14:11 +02:00
Swissky	0c7da8ec41	DNS Admins Group	2022-06-07 20:36:09 +02:00
Swissky	3066615cde	LAPS Access + Pass the Cert + Writeable folder	2022-05-31 11:57:44 +02:00
NocFlame	bebc87887a	added link to hashcat	2022-05-25 10:09:09 +02:00
NocFlame	ca959ec806	Added missing parenthese	2022-05-25 10:04:41 +02:00
NocFlame	2ef501f883	replaced backslash with forwardslash in cmd syntax As defined in cmd.exe /? /C Carries out the command specified by string and then terminates	2022-05-25 09:55:05 +02:00
Swissky	5035ed0891	WSUS Exploitation	2022-05-15 21:22:39 +02:00
Swissky	4cf464cc96	Certifried CVE-2022-26923	2022-05-13 09:44:51 +02:00
Swissky	d09659b164	Merge pull request #496 from cmd-ctrl-freq/master Update Cloud - AWS Pentest.md	2022-05-11 10:25:30 +02:00
Swissky	67457ec582	SCCM deployment + JSON uploads	2022-05-09 15:14:26 +02:00
David Fentz	d3a296486e	Update Cloud - AWS Pentest.md Added a reference to Cloudgoat in the Training section of the AWS pentesting docs.	2022-05-05 08:48:55 -07:00
Moayad Almalat	8a6e8b8f05	Update Cobalt Strike - Cheatsheet.md Update Cobalt Strike user Guide to the latest version.	2022-04-25 15:18:04 +02:00
Swissky	5a89c6a5ca	Windows Management Instrumentation Event Subscription	2022-04-24 15:01:18 +02:00
Swissky	b0d05faded	TruffleHog examples + Cortex XDR disable	2022-04-14 09:42:15 +02:00
Swissky	89f0b93d43	Elastic EDR + VM Persistence	2022-03-27 19:50:33 +02:00
Swissky	d40e055629	Golden GMSA + Scheduled Task	2022-03-15 11:15:44 +01:00
Swissky	4abd52697f	MSSQL Agent Command Execution	2022-03-10 11:05:17 +01:00

1 2 3 4 5 ...

530 Commits